activemerchant 1.21.0 → 1.22.0

data/lib/active_merchant/billing/gateways/ogone.rb

@@ -9,17 +9,23 @@ module ActiveMerchant #:nodoc:
     # communication between Ogone systems and your e-commerce website.
     #
     # This implementation follows the specification provided in the DirectLink integration
-    # guide version 4.2.0 (26 October 2011), available here:
+    # guide version 4.3.0 (25 April 2012), available here:
     # https://secure.ogone.com/ncol/Ogone_DirectLink_EN.pdf
     #
     # It also features aliases, which allow to store/unstore credit cards, as specified in
-    # the Alias Manager Option guide version 3.2.0 (26 October 2011) available here:
+    # the Alias Manager Option guide version 3.2.1 (25 April 2012) available here:
     # https://secure.ogone.com/ncol/Ogone_Alias_EN.pdf
     #
-    # It was last tested on Release 4.89 of Ogone DirectLink + AliasManager (26 October 2011).
+    # It also implements the 3-D Secure feature, as specified in the DirectLink with
+    # 3-D Secure guide version 3.0 (25 April 2012) available here:
+    # https://secure.ogone.com/ncol/Ogone_DirectLink-3-D_EN.pdf
+    #
+    # It was last tested on Release 4.92 of Ogone DirectLink + AliasManager + Direct Link 3D
+    # (25 April 2012).
     #
     # For any questions or comments, please contact one of the following:
-    # - Nicolas Jacobeus (nj@belighted.com),
+    # - Joel Cogen (joel.cogen@belighted.com)
+    # - Nicolas Jacobeus (nicolas.jacobeus@belighted.com),
     # - Sébastien Grosjean (public@zencocoon.com),
     # - Rémy Coutable (remy@jilion.com).
     #
@@ -52,17 +58,46 @@ module ActiveMerchant #:nodoc:
     #   puts response.success?      # Check whether the transaction was successful
     #   puts response.message       # Retrieve the message returned by Ogone
     #   puts response.authorization # Retrieve the unique transaction ID returned by Ogone
+    #   puts response.order_id      # Retrieve the order ID
     #
     # == Alias feature
     #
-    #   To use the alias feature, simply add :store in the options hash:
+    #   To use the alias feature, simply add :billing_id in the options hash:
     #
     #   # Associate the alias to that credit card
-    #   gateway.purchase(1000, creditcard, :order_id => "1", :store => "myawesomecustomer")
+    #   gateway.purchase(1000, creditcard, :order_id => "1", :billing_id => "myawesomecustomer")
     #
     #   # You can use the alias instead of the credit card for subsequent orders
     #   gateway.purchase(2000, "myawesomecustomer", :order_id => "2")
     #
+    #   # You can also create an alias without making a purchase using store
+    #   gateway.store(creditcard, :billing_id => "myawesomecustomer")
+    #
+    #   # When using store, you can also let Ogone generate the alias for you
+    #   response = gateway.store(creditcard)
+    #   puts response.billing_id  # Retrieve the generated alias
+    #
+    # == 3-D Secure feature
+    #
+    #   To use the 3-D Secure feature, simply add :d3d => true in the options hash:
+    #   gateway.purchase(2000, "myawesomecustomer", :order_id => "2", :d3d => true)
+    #
+    #   Specific 3-D Secure request options are (please refer to the documentation for more infos about these options):
+    #     :win_3ds         => :main_window (default), :pop_up or :pop_ix.
+    #     :http_accept     => "*/*" (default), or any other HTTP_ACCEPT header value.
+    #     :http_user_agent => The cardholder's User-Agent string
+    #     :accept_url      => URL of the web page to show the customer when the payment is authorized.
+    #                         (or waiting to be authorized).
+    #     :decline_url     => URL of the web page to show the customer when the acquirer rejects the authorization
+    #                         more than the maximum permitted number of authorization attempts (10 by default, but can
+    #                         be changed in the "Global transaction parameters" tab, "Payment retry" section of the
+    #                         Technical Information page).
+    #     :exception_url   => URL of the web page to show the customer when the payment result is uncertain.
+    #     :paramplus       => Field to submit the miscellaneous parameters and their values that you wish to be
+    #                         returned in the post sale request or final redirection.
+    #     :complus         => Field to submit a value you wish to be returned in the post sale request or output.
+    #     :language        => Customer's language, for example: "en_EN"
+    #
     class OgoneGateway < Gateway
 
       URLS = {
@@ -80,8 +115,16 @@ module ActiveMerchant #:nodoc:
 
       SUCCESS_MESSAGE = "The transaction was successful"
 
+      THREE_D_SECURE_DISPLAY_WAYS = { :main_window => 'MAINW',  # display the identification page in the main window
+                                                                # (default value).
+                                      :pop_up      => 'POPUP',  # display the identification page in a pop-up window
+                                                                # and return to the main window at the end.
+                                      :pop_ix      => 'POPIX' } # display the identification page in a pop-up window
+                                                                # and remain in the pop-up window.
+
       OGONE_NO_SIGNATURE_DEPRECATION_MESSAGE   = "Signature usage will be required from a future release of ActiveMerchant's Ogone Gateway. Please update your Ogone account to use it."
       OGONE_LOW_ENCRYPTION_DEPRECATION_MESSAGE = "SHA512 signature encryptor will be required from a future release of ActiveMerchant's Ogone Gateway. Please update your Ogone account to use it."
+      OGONE_STORE_OPTION_DEPRECATION_MESSAGE   = "The 'store' option has been renamed to 'billing_id', and its usage is deprecated."
 
       self.supported_countries = ['BE', 'DE', 'FR', 'NL', 'AT', 'CH']
       # also supports Airplus and UATP
@@ -152,6 +195,14 @@ module ActiveMerchant #:nodoc:
         perform_reference_credit(money, reference, options)
       end
 
+      # Store a credit card by creating an Ogone Alias
+      def store(payment_source, options = {})
+        options.merge!(:alias_operation => 'BYOGONE') unless options.has_key?(:billing_id) || options.has_key?(:store)
+        response = authorize(1, payment_source, options)
+        void(response.authorization) if response.success?
+        response
+      end
+
       def test?
         @options[:test] || super
       end
@@ -164,7 +215,7 @@ module ActiveMerchant #:nodoc:
 
       def reference_transaction?(identifier)
         return false unless identifier.is_a?(String)
-        reference, action = identifier.split(";")
+        _, action = identifier.split(";")
         !action.nil?
       end
 
@@ -188,21 +239,44 @@ module ActiveMerchant #:nodoc:
 
       def add_payment_source(post, payment_source, options)
         if payment_source.is_a?(String)
-          add_alias(post, payment_source)
+          add_alias(post, payment_source, options[:alias_operation])
           add_eci(post, options[:eci] || '9')
         else
-          add_alias(post, options[:store])
+          if options.has_key?(:store)
+            deprecated OGONE_STORE_OPTION_DEPRECATION_MESSAGE
+            options[:billing_id] ||= options[:store]
+          end
+          add_alias(post, options[:billing_id], options[:alias_operation])
           add_eci(post, options[:eci] || '7')
+          add_d3d(post, options) if options[:d3d]
           add_creditcard(post, payment_source)
         end
       end
 
+      def add_d3d(post, options)
+        add_pair post, 'FLAG3D', 'Y'
+        win_3ds = THREE_D_SECURE_DISPLAY_WAYS.key?(options[:win_3ds]) ?
+          THREE_D_SECURE_DISPLAY_WAYS[options[:win_3ds]] :
+          THREE_D_SECURE_DISPLAY_WAYS[:main_window]
+        add_pair post, 'WIN3DS', win_3ds
+
+        add_pair post, 'HTTP_ACCEPT',     options[:http_accept] || "*/*"
+        add_pair post, 'HTTP_USER_AGENT', options[:http_user_agent] if options[:http_user_agent]
+        add_pair post, 'ACCEPTURL',       options[:accept_url]      if options[:accept_url]
+        add_pair post, 'DECLINEURL',      options[:decline_url]     if options[:decline_url]
+        add_pair post, 'EXCEPTIONURL',    options[:exception_url]   if options[:exception_url]
+        add_pair post, 'PARAMPLUS',       options[:paramplus]       if options[:paramplus]
+        add_pair post, 'COMPLUS',         options[:complus]         if options[:complus]
+        add_pair post, 'LANGUAGE',        options[:language]        if options[:language]
+      end
+
       def add_eci(post, eci)
         add_pair post, 'ECI', eci.to_s
       end
 
-      def add_alias(post, _alias)
+      def add_alias(post, _alias, alias_operation = nil)
         add_pair post, 'ALIAS', _alias
+        add_pair post, 'ALIASOPERATION', alias_operation unless alias_operation.nil?
       end
 
       def add_authorization(post, authorization)
@@ -242,7 +316,15 @@ module ActiveMerchant #:nodoc:
 
       def parse(body)
         xml_root = REXML::Document.new(body).root
-        convert_attributes_to_hash(xml_root.attributes)
+        response = convert_attributes_to_hash(xml_root.attributes)
+
+        # Add HTML_ANSWER element (3-D Secure specific to the response's params)
+        # Note: HTML_ANSWER is not an attribute so we add it "by hand" to the response
+        if html_answer = REXML::XPath.first(xml_root, "//HTML_ANSWER")
+          response["HTML_ANSWER"] = html_answer.text
+        end
+
+        response
       end
 
       def commit(action, parameters)
@@ -259,7 +341,7 @@ module ActiveMerchant #:nodoc:
           :avs_result    => { :code => AVS_MAPPING[response["AAVCheck"]] },
           :cvv_result    => CVV_MAPPING[response["CVCCheck"]]
         }
-        Response.new(successful?(response), message_from(response), response, options)
+        OgoneResponse.new(successful?(response), message_from(response), response, options)
       end
 
       def successful?(response)
@@ -326,5 +408,15 @@ module ActiveMerchant #:nodoc:
         response_hash
       end
     end
+
+    class OgoneResponse < Response
+      def order_id
+        @params['orderID']
+      end
+
+      def billing_id
+        @params['ALIAS']
+      end
+    end
   end
 end

data/lib/active_merchant/billing/gateways/orbital.rb

@@ -77,6 +77,8 @@ module ActiveMerchant #:nodoc:
         "EUR" => '978'
       }
 
+      AVS_SUPPORTED_COUNTRIES = ['US', 'CA', 'UK', 'GB']
+
       def initialize(options = {})
         requires!(options, :merchant_id)
         requires!(options, :login, :password) unless options[:ip_authentication]
@@ -148,12 +150,7 @@ module ActiveMerchant #:nodoc:
 
       def add_address(xml, creditcard, options)      
         if address = options[:billing_address] || options[:address]
-          xml.tag! :AVSzip, address[:zip]
-          xml.tag! :AVSaddress1, address[:address1]
-          xml.tag! :AVSaddress2, address[:address2]
-          xml.tag! :AVScity, address[:city]
-          xml.tag! :AVSstate, address[:state]
-          xml.tag! :AVSphoneNum, address[:phone] ? address[:phone].scan(/\d/).join.to_s : nil
+          add_avs_details(xml, address)
           xml.tag! :AVSname, creditcard.name
           xml.tag! :AVScountryCode, address[:country]
         end
@@ -177,6 +174,18 @@ module ActiveMerchant #:nodoc:
         xml.tag! :CurrencyExponent, '2' # Will need updating to support currencies such as the Yen.
       end
       
+      def add_avs_details(xml, address)
+        return unless AVS_SUPPORTED_COUNTRIES.include?(address[:country].to_s)
+
+        xml.tag! :AVSzip, address[:zip]
+        xml.tag! :AVSaddress1, address[:address1]
+        xml.tag! :AVSaddress2, address[:address2]
+        xml.tag! :AVScity, address[:city]
+        xml.tag! :AVSstate, address[:state]
+        xml.tag! :AVSphoneNum, address[:phone] ? address[:phone].scan(/\d/).join.to_s : nil
+      end
+
+
       def parse(body)
         response = {}
         xml = REXML::Document.new(body)

data/lib/active_merchant/billing/gateways/paybox_direct.rb

@@ -1,5 +1,3 @@
-require 'iconv'
-
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class PayboxDirectGateway < Gateway
@@ -39,7 +37,7 @@ module ActiveMerchant #:nodoc:
 
       SUCCESS_CODES = ['00000']
       UNAVAILABILITY_CODES = ['00001', '00097', '00098']
-      FRAUD_CODES = ['00102','00104','00105','00134','00138','00141','00143','00156','00157','00159']
+      FRAUD_CODES = ['00102','00104','00134','00138','00141','00143','00157','00159']
       SUCCESS_MESSAGE = 'The transaction was approved'
       FAILURE_MESSAGE = 'The transaction failed'
 
@@ -132,7 +130,6 @@ module ActiveMerchant #:nodoc:
       end
 
       def parse(body)
-        body = Iconv.iconv("UTF-8","LATIN1", body.to_s).join
         results = {}
         body.split(/&/).each do |pair|
           key,val = pair.split(/\=/)

data/lib/active_merchant/billing/gateways/payflow.rb

@@ -198,7 +198,7 @@ module ActiveMerchant #:nodoc:
                   xml.tag! 'PayPeriod', get_pay_period(options)
                   xml.tag! 'Term', options[:payments] unless options[:payments].nil?
                   xml.tag! 'Comment', options[:comment] unless options[:comment].nil?
-                
+                  xml.tag! 'RetryNumDays', options[:retry_num_days] unless options[:retry_num_days].nil?
                 
                   if initial_tx = options[:initial_transaction]
                     requires!(initial_tx, [:type, :authorization, :purchase])
@@ -207,8 +207,13 @@ module ActiveMerchant #:nodoc:
                     xml.tag! 'OptionalTrans', TRANSACTIONS[initial_tx[:type]]
                     xml.tag! 'OptionalTransAmt', amount(initial_tx[:amount]) unless initial_tx[:amount].blank?
                   end
-                
-                  xml.tag! 'Start', format_rp_date(options[:starting_at] || Date.today + 1 )
+                  
+                  if action == :add
+                    xml.tag! 'Start', format_rp_date(options[:starting_at] || Date.today + 1 )
+                  else
+                    xml.tag! 'Start', format_rp_date(options[:starting_at]) unless options[:starting_at].nil?
+                  end
+                  
                   xml.tag! 'EMail', options[:email] unless options[:email].nil?
                   
                   billing_address = options[:billing_address] || options[:address]

data/lib/active_merchant/billing/gateways/payflow/payflow_common_api.rb

@@ -111,7 +111,10 @@ module ActiveMerchant #:nodoc:
         
           unless money.nil?
             xml.tag! 'Invoice' do
-              xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
+              xml.tag!('TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money))
+              xml.tag!('Description', options[:description]) unless options[:description].blank?
+              xml.tag!('Comment', options[:comment]) unless options[:comment].blank?
+              xml.tag!('ExtData', 'Name'=> 'COMMENT2', 'Value'=> options[:comment2]) unless options[:comment2].blank?
             end
           end
         end

data/lib/active_merchant/billing/gateways/payflow_express.rb

@@ -33,6 +33,7 @@ module ActiveMerchant #:nodoc:
       # [<tt>:notify_url</tt>] (opt) Your URL for receiving Instant Payment Notification (IPN) about this transaction.
       # [<tt>:comment</tt>] (opt) Comment field which will be reported to Payflow backend (at manager.paypal.com) as Comment1
       # [<tt>:comment2</tt>] (opt) Comment field which will be reported to Payflow backend (at manager.paypal.com) as Comment2
+      # [<tt>:discount</tt>] (opt) Total discounts in cents
       #
       # ==Line Items
       # Support for order line items is available, but has to be enabled on the PayFlow backend. This is what I was told by Todd Sieber at Technical Support:
@@ -177,10 +178,11 @@ module ActiveMerchant #:nodoc:
             end
             if items.any?
               xml.tag! 'ExtData', 'Name' => 'CURRENCY', 'Value' => options[:currency] || currency(money)
-              xml.tag! 'ExtData', 'Name' => "ITEMAMT", 'Value' => amount(money)
+              xml.tag! 'ExtData', 'Name' => "ITEMAMT", 'Value' => amount(options[:subtotal] || money)
             end
-
+            xml.tag! 'DiscountAmt', amount(options[:discount]) if options[:discount]
             xml.tag! 'TotalAmt', amount(money), 'Currency' => options[:currency] || currency(money)
+
           end
 
           xml.tag! 'Tender' do

data/lib/active_merchant/billing/gateways/payment_express.rb

@@ -16,7 +16,7 @@ module ActiveMerchant #:nodoc:
       # However, regular accounts with DPS only support VISA and Mastercard
       self.supported_cardtypes = [ :visa, :master, :american_express, :diners_club, :jcb ]
       
-      self.supported_countries = [ 'AU', 'MY', 'NZ', 'SG', 'ZA', 'GB', 'US' ]
+      self.supported_countries = %w[ AU MY NZ SG ZA GB US ]
       
       self.homepage_url = 'http://www.paymentexpress.com/'
       self.display_name = 'PaymentExpress'

data/lib/active_merchant/billing/gateways/paypal.rb

@@ -1,10 +1,12 @@
 require File.dirname(__FILE__) + '/paypal/paypal_common_api'
+require File.dirname(__FILE__) + '/paypal/paypal_recurring_api'
 require File.dirname(__FILE__) + '/paypal_express'
 
 module ActiveMerchant #:nodoc:
   module Billing #:nodoc:
     class PaypalGateway < Gateway
       include PaypalCommonAPI
+      include PaypalRecurringApi
       
       self.supported_cardtypes = [:visa, :master, :american_express, :discover]
       self.supported_countries = ['US']
@@ -49,24 +51,7 @@ module ActiveMerchant #:nodoc:
             xml.tag! 'n2:' + transaction_type + 'RequestDetails' do
               xml.tag! 'n2:ReferenceID', reference_id if transaction_type == 'DoReferenceTransaction'
               xml.tag! 'n2:PaymentAction', action
-              xml.tag! 'n2:PaymentDetails' do
-                xml.tag! 'n2:OrderTotal', localized_amount(money, currency_code), 'currencyID' => currency_code
-                
-                # All of the values must be included together and add up to the order total
-                if [:subtotal, :shipping, :handling, :tax].all?{ |o| options.has_key?(o) }
-                  xml.tag! 'n2:ItemTotal', localized_amount(options[:subtotal], currency_code), 'currencyID' => currency_code
-                  xml.tag! 'n2:ShippingTotal', localized_amount(options[:shipping], currency_code),'currencyID' => currency_code
-                  xml.tag! 'n2:HandlingTotal', localized_amount(options[:handling], currency_code),'currencyID' => currency_code
-                  xml.tag! 'n2:TaxTotal', localized_amount(options[:tax], currency_code), 'currencyID' => currency_code
-                end
-                
-                xml.tag! 'n2:NotifyURL', options[:notify_url]
-                xml.tag! 'n2:OrderDescription', options[:description]
-                xml.tag! 'n2:InvoiceID', options[:order_id]
-                xml.tag! 'n2:ButtonSource', application_id.to_s.slice(0,32) unless application_id.blank? 
-                
-                add_address(xml, 'n2:ShipToAddress', options[:shipping_address]) if options[:shipping_address]
-              end
+              add_payment_details(xml, money, currency_code, options)
               add_credit_card(xml, credit_card_or_referenced_id, billing_address, options) unless transaction_type == 'DoReferenceTransaction'
               xml.tag! 'n2:IPAddress', options[:ip]
             end

data/lib/active_merchant/billing/gateways/paypal/paypal_common_api.rb

@@ -117,7 +117,158 @@ module ActiveMerchant #:nodoc:
         refund(money, identification, options)
       end
 
+      # ==== For full documentation see {Paypal API Reference:}[https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_soap_r_DoReferenceTransaction]
+      # ==== Parameter:
+      # * <tt>:money</tt> -- (Required) The amount of this new transaction,
+      # required fo the payment details portion of this request
+      #
+      # ==== Options:
+      # * <tt>:reference_id</tt> -- (Required) A transaction ID from a previous purchase, such as a credit card charge using the DoDirectPayment API, or a billing agreement ID.
+      # * <tt>:payment_action</tt> -- (Optional) How you want to obtain payment. It is one of the following values:
+      #
+      #     Authorization – This payment is a basic authorization subject to settlement with PayPal Authorization and Capture.
+      #     Sale – This is a final sale for which you are requesting payment.
+      #
+      # * <tt>:ip_address</tt> -- (Optional) IP address of the buyer’s browser.
+      # Note: PayPal records this IP addresses as a means to detect possible fraud.
+      # * <tt>:req_confirm_shipping</tt> -- Whether you require that the buyer’s shipping address on file with PayPal be a confirmed address. You must have permission from PayPal to not require a confirmed address. It is one of the following values:
+      #
+      #     0 – You do not require that the buyer’s shipping address be a confirmed address.
+      #     1 – You require that the buyer’s shipping address be a confirmed address.
+      #     
+      # * <tt>:merchant_session_id</tt> -- (Optional) Your buyer session identification token.
+      # * <tt>:return_fmf_details</tt> -- (Optional) Flag to indicate whether you want the results returned by Fraud Management Filters. By default, you do not receive this information. It is one of the following values:
+      #
+      #     0 – Do not receive FMF details (default)
+      #     1 – Receive FMF details
+      #
+      # * <tt>:soft_descriptor</tt> -- (Optional) Per transaction description of the payment that is passed to the consumer’s credit card statement. If the API request provides a value for the soft descriptor field, the full descriptor displayed on the buyer’s statement has the following format:
+      #
+      #     <PP * | PAYPAL *><Merchant descriptor as set in the Payment Receiving Preferences><1 space><soft descriptor>
+      #     The soft descriptor can contain only the following characters:
+      #     
+      #     Alphanumeric characters
+      #     - (dash)
+      #     * (asterisk)
+      #     . (period)
+      #     {space}
+      # 
+      def reference_transaction(money, options = {})
+        requires!(options, :reference_id)
+        commit 'DoReferenceTransaction', build_reference_transaction_request(money, options)
+      end
+
+      def transaction_details(transaction_id)
+        commit 'GetTransactionDetails', build_get_transaction_details(transaction_id)
+      end
+
+      # ==== For full documentation see {PayPal API Reference}[https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_soap_r_TransactionSearch]
+      # ==== Options:
+      # * <tt>:payer </tt> -- (Optional) Search by the buyer’s email address.
+      # * <tt>:receipt_id </tt> -- (Optional) Search by the PayPal Account Optional receipt ID.
+      # * <tt>:receiver </tt> -- (Optional) Search by the receiver’s email address. If the merchant account has only one email address, this is the primary email. It can also be a non-primary email address.
+      # * <tt>:transaction_id</tt> -- (Optional) Search by the transaction ID. The returned results are from the merchant’s transaction records.
+      # * <tt>:invoice_id</tt> -- (Optional) Search by invoice identification key, as set by you for the original transaction. This field searches the records for items the merchant sells, not the items purchased.
+      # * <tt>:card_number </tt> -- (Optional) Search by credit card number, as set by you for the original transaction. This field searches the records for items the merchant sells, not the items purchased.
+      # * <tt>:auction_item_number </tt> -- (Optional) Search by auction item number of the purchased goods.
+      # * <tt>:transaction_class </tt> -- (Optional) Search by classification of transaction. Some kinds of possible classes of transactions are not searchable with this field. You cannot search for bank transfer withdrawals, for example. It is one of the following values:
+      #     All – All transaction classifications
+      #     Sent – Only payments sent
+      #     Received – Only payments received
+      #     MassPay – Only mass payments
+      #     MoneyRequest – Only money requests
+      #     FundsAdded – Only funds added to balance
+      #     FundsWithdrawn – Only funds withdrawn from balance
+      #     Referral – Only transactions involving referrals
+      #     Fee – Only transactions involving fees
+      #     Subscription – Only transactions involving subscriptions
+      #     Dividend – Only transactions involving dividends
+      #     Billpay – Only transactions involving BillPay Transactions
+      #     Refund – Only transactions involving funds
+      #     CurrencyConversions – Only transactions involving currency conversions
+      #     BalanceTransfer – Only transactions involving balance transfers
+      #     Reversal – Only transactions involving BillPay reversals
+      #     Shipping – Only transactions involving UPS shipping fees
+      #     BalanceAffecting – Only transactions that affect the account balance
+      #     ECheck – Only transactions involving eCheck
+      # 
+      # * <tt>:currency_code </tt> -- (Optional) Search by currency code.
+      # * <tt>:status</tt> -- (Optional) Search by transaction status. It is one of the following values:
+      #     One of:
+      #     Pending – The payment is pending. The specific reason the payment is pending is returned by the GetTransactionDetails API PendingReason field.
+      #     Processing – The payment is being processed.
+      #     Success – The payment has been completed and the funds have been added successfully to your account balance.
+      #     Denied – You denied the payment. This happens only if the payment was previously pending.
+      #     Reversed – A payment was reversed due to a chargeback or other type of reversal. The funds have been removed from your account balance and returned to the buyer.
+      #   
+      def transaction_search(options)
+        requires!(options, :start_date)
+        commit 'TransactionSearch', build_transaction_search(options)
+      end
+
+      # ==== Parameters:
+      # * <tt>:return_all_currencies</tt> -- Either '1' or '0'
+      #     0 – Return only the balance for the primary currency holding.
+      #     1 – Return the balance for each currency holding.
+      #
+      def balance(return_all_currencies = false)
+        clean_currency_argument = case return_all_currencies
+                                  when 1, '1' , true; '1'
+                                  else
+                                    '0'
+                                  end
+        commit 'GetBalance', build_get_balance(clean_currency_argument)
+      end
+
+      # DoAuthorization takes the transaction_id returned when you call
+      # DoExpressCheckoutPayment with a PaymentAction of 'Order'.
+      # When you did that, you created an order authorization subject to settlement 
+      # with PayPal DoAuthorization and DoCapture
+      # 
+      # ==== Parameters:
+      # * <tt>:transaction_id</tt> -- The ID returned by DoExpressCheckoutPayment with a PaymentAction of 'Order'.
+      # * <tt>:money</tt> -- The amount of money to be authorized for this purchase.
+      # 
+      def authorize_transaction(transaction_id, money, options = {})
+        commit 'DoAuthorization', build_do_authorize(transaction_id, money, options)
+      end
+
+      # The ManagePendingTransactionStatus API operation accepts or denys a 
+      # pending transaction held by Fraud Management Filters.
+      #
+      # ==== Parameters:
+      # * <tt>:transaction_id</tt> -- The ID of the transaction held by Fraud Management Filters.
+      # * <tt>:action</tt> -- Either 'Accept' or 'Deny'
+      # 
+      def manage_pending_transaction(transaction_id, action)
+        commit 'ManagePendingTransactionStatus', build_manage_pending_transaction_status(transaction_id, action)
+      end
+
       private
+      def build_request_wrapper(action, options = {})
+        xml = Builder::XmlMarkup.new :indent => 2
+        xml.tag! action + 'Req', 'xmlns' => PAYPAL_NAMESPACE do
+          xml.tag! action + 'Request', 'xmlns:n2' => EBAY_NAMESPACE do
+            xml.tag! 'n2:Version', API_VERSION
+            if options[:request_details]
+              xml.tag! 'n2:' + action + 'RequestDetails' do
+                yield(xml)
+              end
+            else
+              yield(xml)
+            end
+          end
+        end
+        xml.target!
+      end
+
+      def build_do_authorize(transaction_id, money, options = {})
+        build_request_wrapper('DoAuthorization') do |xml|
+          xml.tag! 'TransactionID', transaction_id
+          xml.tag! 'Amount', amount(money), 'currencyID' => options[:currency] || currency(money)
+        end
+      end
+
       def build_reauthorize_request(money, authorization, options)
         xml = Builder::XmlMarkup.new
         
@@ -204,6 +355,55 @@ module ActiveMerchant #:nodoc:
         xml.target!
       end
 
+      def build_manage_pending_transaction_status(transaction_id, action)
+        build_request_wrapper('ManagePendingTransactionStatus') do |xml|
+          xml.tag! 'TransactionID', transaction_id
+          xml.tag! 'Action', action
+        end
+      end
+      
+      def build_reference_transaction_request(money, options)
+        opts = options.dup
+        opts[:ip_address] ||= opts[:ip]
+        currency_code = opts[:currency] || currency(money)
+        reference_transaction_optional_fields = %w{ n2:ReferenceID n2:PaymentAction 
+                                                    n2:PaymentType n2:IPAddress
+                                                    n2:ReqConfirmShipping n2:MerchantSessionId
+                                                    n2:ReturnFMFDetails n2:SoftDescriptor }
+        build_request_wrapper('DoReferenceTransaction', :request_details => true) do |xml|
+          add_optional_fields(xml, reference_transaction_optional_fields, opts)
+          add_payment_details(xml, money, currency_code, opts)
+        end
+      end
+
+      def build_get_transaction_details(transaction_id)
+        build_request_wrapper('GetTransactionDetails') do |xml|
+          xml.tag! 'TransactionID', transaction_id
+        end
+      end
+
+      def build_transaction_search(options)
+        currency_code = options[:currency_code]
+        currency_code ||= currency(options[:amount]) if options[:amount]
+        transaction_search_optional_fields = %w{ Payer ReceiptID Receiver
+                                                 TransactionID InvoiceID CardNumber
+                                                 AuctionItemNumber TransactionClass
+                                                 CurrencyCode Status }
+        build_request_wrapper('TransactionSearch') do |xml|
+          xml.tag! 'StartDate', date_to_iso(options[:start_date])
+          xml.tag! 'EndDate', date_to_iso(options[:end_date]) unless options[:end_date].blank?
+          add_optional_fields(xml, transaction_search_optional_fields, options)
+          xml.tag! 'Amount', localized_amount(options[:amount], currency_code), 'currencyID' => currency_code  unless options[:amount].blank?
+        end
+      end
+
+
+      def build_get_balance(return_all_currencies)
+        build_request_wrapper('GetBalance') do |xml|
+          xml.tag! 'ReturnAllCurrencies', return_all_currencies unless return_all_currencies.nil?
+        end
+      end
+
       def parse(action, xml)
         legacy_hash = legacy_parse(action, xml)
         xml = strip_attributes(xml)
@@ -313,11 +513,93 @@ module ActiveMerchant #:nodoc:
           xml.tag! 'n2:CityName', address[:city]
           xml.tag! 'n2:StateOrProvince', address[:state].blank? ? 'N/A' : address[:state]
           xml.tag! 'n2:Country', address[:country]
-          xml.tag! 'n2:Phone', address[:phone]
+          xml.tag! 'n2:Phone', address[:phone] unless address[:phone].blank?
           xml.tag! 'n2:PostalCode', address[:zip]
         end
       end
       
+      def add_payment_details_items_xml(xml, options, currency_code)
+        options[:items].each do |item|
+          xml.tag! 'n2:PaymentDetailsItem' do
+            xml.tag! 'n2:Name', item[:name]
+            xml.tag! 'n2:Number', item[:number]
+            xml.tag! 'n2:Quantity', item[:quantity]
+            if item[:amount]
+              xml.tag! 'n2:Amount', localized_amount(item[:amount], currency_code), 'currencyID' => currency_code
+            end
+            xml.tag! 'n2:Description', item[:description]
+            xml.tag! 'n2:ItemURL', item[:url]
+            xml.tag! 'n2:ItemCategory', item[:category] if item[:category]
+          end
+        end
+      end
+      
+      def add_payment_details(xml, money, currency_code, options = {})
+        xml.tag! 'n2:PaymentDetails' do
+          xml.tag! 'n2:OrderTotal', localized_amount(money, currency_code), 'currencyID' => currency_code
+          
+          # All of the values must be included together and add up to the order total
+          if [:subtotal, :shipping, :handling, :tax].all?{ |o| options.has_key?(o) }
+            xml.tag! 'n2:ItemTotal', localized_amount(options[:subtotal], currency_code), 'currencyID' => currency_code
+            xml.tag! 'n2:ShippingTotal', localized_amount(options[:shipping], currency_code),'currencyID' => currency_code
+            xml.tag! 'n2:HandlingTotal', localized_amount(options[:handling], currency_code),'currencyID' => currency_code
+            xml.tag! 'n2:TaxTotal', localized_amount(options[:tax], currency_code), 'currencyID' => currency_code
+          end
+
+          xml.tag! 'n2:InsuranceTotal', localized_amount(options[:insurance_total], currency_code),'currencyID' => currency_code unless options[:insurance_total].blank?
+          xml.tag! 'n2:ShippingDiscount', localized_amount(options[:shipping_discount], currency_code),'currencyID' => currency_code unless options[:shipping_discount].blank?
+          xml.tag! 'n2:InsuranceOptionOffered', options[:insurance_option_offered] if options.has_key?(:insurance_option_offered)
+
+          xml.tag! 'n2:OrderDescription', options[:description] unless options[:description].blank?
+          
+          # Custom field Character length and limitations: 256 single-byte alphanumeric characters
+          xml.tag! 'n2:Custom', options[:custom] unless options[:custom].blank? 
+
+          xml.tag! 'n2:InvoiceID', (options[:order_id] || options[:invoice_id]) unless (options[:order_id] || options[:invoice_id]).blank?
+          xml.tag! 'n2:ButtonSource', application_id.to_s.slice(0,32) unless application_id.blank? 
+
+          # The notify URL applies only to DoExpressCheckoutPayment. 
+          # This value is ignored when set in SetExpressCheckout or GetExpressCheckoutDetails
+          xml.tag! 'n2:NotifyURL', options[:notify_url] unless options[:notify_url].blank? 
+                    
+          add_address(xml, 'n2:ShipToAddress', options[:shipping_address]) unless options[:shipping_address].blank?
+          
+          add_payment_details_items_xml(xml, options, currency_code) unless options[:items].blank?
+
+          add_express_only_payment_details(xml, options) if options[:express_request]
+
+          # Any value other than Y – This is not a recurring transaction
+          # To pass Y in this field, you must have established a billing agreement with 
+          # the buyer specifying the amount, frequency, and duration of the recurring payment.
+          # requires version 80.0 of the API
+          xml.tag! 'n2:Recurring', options[:recurring] unless options[:recurring].blank? 
+        end
+      end
+
+      def add_express_only_payment_details(xml, options = {})
+        add_optional_fields(xml, 
+                            %w{n2:NoteText          n2:SoftDescriptor 
+                               n2:TransactionId     n2:AllowedPaymentMethodType 
+                               n2:PaymentRequestID  n2:PaymentAction}, 
+                            options)
+      end
+
+      def add_optional_fields(xml, optional_fields, options = {})
+        optional_fields.each do |optional_text_field|
+          if optional_text_field =~ /(\w+:)(\w+)/
+            ns = $1
+            field = $2
+            field_as_symbol = field.underscore.to_sym
+          else
+            ns = ''
+            field = optional_text_field
+            field_as_symbol = optional_text_field.underscore.to_sym
+          end
+          xml.tag! ns + field, options[field_as_symbol] unless options[field_as_symbol].blank?
+        end
+        xml
+      end
+      
       def endpoint_url
         URLS[test? ? :test : :live][@options[:signature].blank? ? :certificate : :signature]
       end
@@ -349,6 +631,10 @@ module ActiveMerchant #:nodoc:
       def message_from(response)
         response[:message] || response[:ack]
       end
+
+      def date_to_iso(date)
+        (date.is_a?(Date) ? date.to_time : date).utc.iso8601
+      end
     end
   end
 end